Special group logon tracking
First Claim
1. A computer-implemented method of generating a computer user activity log, the method comprising:
- receiving a user login, verifying user account credentials, and creating a login session;
identifying for the user one or more groups to which the user was previously assigned;
in response to identifying for the user one or more groups to which the user was previously assigned, creating a token, the token comprising data representing the one or more groups to which the user was previously assigned;
determining if the one or more groups to which the user was previously assigned includes a group to be monitored; and
creating an audit record for the login session if the one or more groups to which the user was previously assigned is a group to be monitored.
2 Assignments
0 Petitions
Accused Products
Abstract
A method of generating a computer user activity log for a user belonging to a specially monitored group includes allowing a user to logon to a local computer. The local computer verifying the user account credentials and creating a user logon session. A token is created by the local computer for identification of any group membership with which the user associated and also having the user access privileges. The group information in the token is compared with a specially monitored group list. The specially monitored group list may be obtained from a domain server or may be configured locally. If the user has membership in the specially monitored group, then a special logon session is created and activities of the user are recorded.
9 Citations
20 Claims
-
1. A computer-implemented method of generating a computer user activity log, the method comprising:
-
receiving a user login, verifying user account credentials, and creating a login session; identifying for the user one or more groups to which the user was previously assigned; in response to identifying for the user one or more groups to which the user was previously assigned, creating a token, the token comprising data representing the one or more groups to which the user was previously assigned; determining if the one or more groups to which the user was previously assigned includes a group to be monitored; and creating an audit record for the login session if the one or more groups to which the user was previously assigned is a group to be monitored. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer system to monitor computer activities of a user having membership to a specially monitored group, the system comprising:
-
a CPU responsive to a request by a user to create a login session; a local data storage device, the local storage device having a first list of users, the first list of users comprising associations for each user at least one group to which the user was previously assigned; an interface to a domain server, the domain server having a second list, the second list comprising a list of groups to be specially monitored; wherein the CPU executes a login software program that uses the first list to determine for each user the at least one group to which the user was previously assigned, communicates with the domain server to determine if the at least one group to which the user was previously assigned is identified for monitoring using the second list, and creates an audit record of the login session of the user if the at least one group to which the user was previously assigned is identified as a specially monitored group. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer-readable storage medium having computer-executable instructions for performing a method of generating a computer user activity log, the method comprising:
-
receiving a user login, verifying user account credentials, and creating a login session; identifying for the user one or more groups to which the user was previously assigned; in response to identifying for the user one or more groups to which the user was previously assigned, creating a token, the token comprising data representing group membership identifying the one or more groups to which the user was previously assigned; determining if the group membership includes a group to be monitored; and creating an audit record for the login session if the user is a member of a group to be monitored, wherein the audit record comprises;
a locally unique identifier useful to correlate other records with activities of the user;
a user identifier;
the group to be monitored;
a login session; and
activities of the user. - View Dependent Claims (17, 18, 19, 20)
-
Specification